Víðir Valberg Guðmundsson
b2fa1dc92c
* Almost done, need the send to economic part. * Add a way to approve/reject an reimbursement and send mails accordingly. * finish work on custom invoice address * add textfield notes to Order for internal orga notes about the order * Almost done, need the send to economic part. * Add a way to approve/reject an reimbursement and send mails accordingly. * economy commit of doom.. replace reimbursement app with an economy app, add Expense and Reimbursement models, add management of expenses and reimbursements to backoffice. Rework and cleanup permissions stuff, add Camp.Permissions pseudo model to hold all our non-model permissions. still experimental, expect rough edges, but basic functionality should work.
27 lines
938 B
Python
27 lines
938 B
Python
from django.contrib import messages
|
|
from django.http import HttpResponseForbidden
|
|
from django.contrib.auth.mixins import PermissionRequiredMixin
|
|
|
|
|
|
class StaffMemberRequiredMixin(object):
|
|
"""
|
|
A CBV mixin for when a view should only be permitted for staff users
|
|
"""
|
|
def dispatch(self, request, *args, **kwargs):
|
|
# only permit staff users
|
|
if not request.user.is_staff:
|
|
messages.error(request, "No thanks")
|
|
return HttpResponseForbidden()
|
|
|
|
# continue with the request
|
|
return super().dispatch(request, *args, **kwargs)
|
|
|
|
|
|
class RaisePermissionRequiredMixin(PermissionRequiredMixin):
|
|
"""
|
|
A subclass of PermissionRequiredMixin which raises an exception to return 403 rather than a redirect to the login page
|
|
We use this to avoid a redirect loop since our login page redirects back to the ?next= url when a user is logged in...
|
|
"""
|
|
raise_exception = True
|
|
|